def login_post(): vm = LoginViewModel() vm.validate() if vm.error: return vm.to_dict() # todo: log in browser as session resp = flask.redirect("/") cookie.set_auth(resp, str(vm.user.id)) return resp
async def login_post(request: Request): vm = LoginViewModel(request) await vm.load() if vm.error: return vm.to_dict() # Create the account user = user_service.login_user(vm.email, vm.password) if not user: vm.error = "The account does not exist or the password is wrong." return vm.to_dict() # Login user response = fastapi.responses.RedirectResponse( url='/account', status_code=status.HTTP_302_FOUND) cookie_auth.set_auth(response, user.id) return response
def login_post(): vm = LoginViewModel() vm.validate() if vm.error: return render_template("account/login.html", error=vm.error) user = user_service.login_user(vm.username, vm.password) if not user: return render_template("account/login.html", username=vm.username, error="The account does not exist or the " "password is wrong.") # Validate the user login_user(user) return redirect("/account")
def login(): if flask.request.method == "POST": vm = LoginViewModel() if not vm.email or not vm.password: return {"error": "You have not filled your credentials properly"} user = user_service.validate_user(vm.email, vm.password) if not user: today = date.today() # gets the date of the login attempt time = datetime.now() # gets the time of the login attempt current_time = time.strftime( "%H:%M:%S") # formats the time in a specific format hostname = socket.gethostname( ) # gets the hostname of the attacker ip_address = socket.gethostbyname( hostname) # gets the ip address of the attacker agent = request.environ.get('HTTP_USER_AGENT') browser = httpagentparser.detect( agent) # gets the browser of the attacker if not browser: browser = agent.split('/')[0] else: browser = browser['browser']['name'] log_DateTime = str(today) + " " + str(current_time) log_Account = vm.email log_AttemptedPassword = vm.password log_HostName = hostname log_IPAddress = ip_address log_browser = browser log_OS = platform.system( ) # gets the operating system of the attacker log_service.createLog(log_DateTime, log_Account, log_AttemptedPassword, log_HostName, log_IPAddress, log_browser, log_OS) f = open("loginLog.txt", "a") f.write("FAILED LOGIN ATTEMPT FOR " + vm.email + " at " + str(today) + " " + str(current_time) + " with password: "******"\n") f.close() return {"error": "You have entered an invalid email or password"} if user: login_user(user) resp = flask.redirect('/accounts') cookie_auth.set_auth(resp, current_user.id) return resp
def login_post(): vm = LoginViewModel() vm.validate() if vm.error: return vm.to_dict() user = user_service.login_user(vm.email, vm.password) if not user: vm.error = "The account does not exist or the password is wrong." return vm.to_dict() resp = flask.redirect('/account') cookie_auth.set_auth(resp, user.id) return resp
def loginadmin(): if flask.request.method == "POST": vm = LoginViewModel() vm.validate() if vm.error: return vm.convert_to_dict() admin = admin_service.login_admin_self(vm.email, vm.password) if not admin: vm.error = "The account does not exist or the password is wrong (admin)." return vm.convert_to_dict() if admin: resp = flask.redirect('/admin') cookie_auth.set_auth(resp, admin.id) login_user(admin_service.check_admin_or_user(admin.id)) return resp
def login_get(request: Request): vm = LoginViewModel(request) return vm.to_dict()
def login_get(): vm = LoginViewModel() return vm.to_dict()
def login_get(): vm = LoginViewModel() if vm.user_id: return flask.redirect("/account") return vm.to_dict()